blob: 697342b7cdb780c85b0ead75404e567e555959e8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
# /etc/wallet/wallet.conf -- Wallet system configuration. -*- perl -*-
#
# Configuration for the wallet system as used at Stanford University. See
# Wallet::Config(3) for complete details. Interesting features to note are
# loading the database password from an external file and full implementations
# of a naming policy check and default ACL rules.
#
# Written by Russ Allbery <eagle@eyrie.org>
# Copyright 2007-2010, 2012-2013
# The Board of Trustees of the Leland Stanford Junior University
#
# SPDX-License-Identifier: MIT
# default_owner and verify_name come from our policy module.
use Wallet::Policy::Stanford qw(default_owner verify_name);
$DB_DDL_DIRECTORY = '/usr/share/wallet';
$DB_DRIVER = 'mysql';
$DB_NAME = 'wallet';
$DB_HOST = 'localhost';
$DB_USER = 'wallet';
# Read the MySQL password from a separate file so that we don't have to commit
# it to the Puppet repository.
open(my $password_file, '<', '/etc/wallet/mysql-password')
or die "cannot open /etc/wallet/mysql-password: $!\n";
$DB_PASSWORD = <$password_file>;
close($password_file);
chomp($DB_PASSWORD);
# The maximum file object size is arbitrary, just something to keep anyone
# from filling the disk.
$FILE_BUCKET = '/srv/wallet/files';
$FILE_MAX_SIZE = 512 * 1024;
# Kerberos keytab backend confguration.
$KEYTAB_KRBTYPE = 'Heimdal';
$KEYTAB_FILE = '/etc/wallet/keytab';
$KEYTAB_FLAGS = '-clearpolicy';
$KEYTAB_HOST = 'krb5-admin.stanford.edu';
$KEYTAB_PRINCIPAL = 'service/wallet@stanford.edu';
$KEYTAB_REALM = 'stanford.edu';
$KEYTAB_TMP = '/var/lib/wallet';
# NetDB ACL type configuration.
$NETDB_REALM = 'stanford.edu';
$NETDB_REMCTL_CACHE = '/var/lib/wallet/krb5cc_wallet';
$NETDB_REMCTL_HOST = 'netdb-node-roles-rc.stanford.edu';
1;
|
